Leveraging Multi-Agent Systems and Open-Source
Large Language Models for Web Application
Vulnerability Exploitation
Zabith N.M. - 248295J
Department of Computer Science and Engineering
University of Moratuwa
[email protected]
I. I NTRODUCTION
Web application security is critical in this digital age, where
a vulnerability can lead to significant losses in finances, data,
and trust. Recent advancements in Artificial Intelligence (AI),
specifically the AI boom happening with Large Language
Models (LLMs) have opened ways for compromising and
protecting cybersecurity. LLMs are being used for their re-
markable capabilities in various applications but their potential
in cybersecurity is not fully explored, specifically in exploiting
web application vulnerabilities. While most capable LLMs are
being protected by guard LLMs (OpenAI, Claude) there are a
high number of open-source models being available publicly
without any such protections. This research aims to investigate
how multi-agent systems powered by open-source LLMs can
identify and exploit vulnerabilities in web applications and
provide insights into strengthening web application security
measures.
II. R ESEARCH P ROBLEM
Rapid evolution of attack vectors and continuous discovery
of new vulnerabilities challenging the current landscape of
web application vulnerabilities. Traditional way of finding
vulnerabilities and exploiting vulnerabilities done by human
expertise, which is limited in terms of speed, scalability and
knowledge. Recent studies have shown that LLM (GPT-4)
agents can autonomously exploit known vulnerabilities (zero-
day vulnerabilities) when provided with vulnerability descrip-
tions [1,2]. However the studies find the agents are struggling
with identifying vulnerabilities without description and long
range planning when used alone [3]. The research aims to
fill the gap by implementing a multi-agent system that uses
open-source LLMs to autonomously identify and exploit web
application vulnerabilities, in a scalable and efficient manner.
III. R ESEARCH O BJECTIVES
The objectives of this research are:
• Develop a multi-agent system framework that utilises
open-source LLM for autonomous vulnerability exploita-
tion.
• Test and evaluate the effectiveness of open-source LLM
agents in identifying and exploiting zero-day vulnerabil-
ities.
• Test and evaluate the effectiveness of open-source LLM
agents in identifying and exploiting unknown vulnerabil-
ities.
• Compare the performance of the system with previous
studies and vulnerability scanners.
IV. P ROPOSED M ETHOD
The proposed method involves the development of a multi-
agent system with specialised roles integrated with multiple
LLMs and cybersecurity tools. The agents will be integrated
with LLM according to their role and capability of the LLM.
From the agents LLMs will have access to cybersecurity tools,
a browser, a terminal and file system. The primary components
of the system will include:
• A planning agent integrated with an LLM that can
determine potential vulnerabilities.
• A coordinate agent integrated with an LLM that dis-
tributes tasks identified by the planning agent to sub-
agents.
• Subagents equipped with LLMs and access to cybersecu-
rity tools, terminal, browser, and file system.
The system will act like a ReAct agent where the feedback
will be provided to planning agents with identified potential
vulnerabilities for further improvements and to plan the ex-
ploitation steps [4].The system will be tested on a real world
application with vulnerabilities, including those beyond the
knowledge cutoff date of utilised LLMs. To ensure ethical
practices, the system will be tested on a controlled sandboxed
environment.
A. Resources Required
The following resources will be required:
• Access to open-source LLMs and their APIs (e.g., GitHub
Marketplace models, GroqCloud, Azure AI Studio).
• A repository of real-world web applications with known
vulnerabilities.
• Computing resources capable of running multiple agents
simultaneously.
R EFERENCES
[1] R. Fang, R. Bindu, A. Gupta, Q. Zhan, and D. Kang, ”LLM agents can
autonomously hack websites,” arXiv preprint arXiv:2404.08144, 2024.
[2] R. Fang, R. Bindu, A. Gupta, and D. Kang, ”LLM agents
can autonomously exploit one-day vulnerabilities,” arXiv preprint
arXiv:2404.08144, 2024.
[3] R. Fang, R. Bindu, A. Gupta, Q. Zhan, and D. Kang, ”Teams of LLM
Agents can Exploit Zero-Day Vulnerabilities,” University of Illinois
Urbana-Champaign, 2024.
[4] S. Yao, J. Zhao, D. Yu, N. Du, I. Shafran, K. Narasimhan, and Y. Cao,
”ReAct: Synergizing reasoning and acting in language models,” arXiv
preprint arXiv:2210.03629, 2022.